<?php
    include('../init.php');
    
    foreach($_POST as $k=>$v){
        $$k = $v;
    }
    
    $q_email = $db->queryUniqueObject("SELECT m_id , m_name , m_lastname , m_email FROM hs_member WHERE m_email LIKE '$email'");
    
    if($q_email==NULL){
        echo $status_msg['email_dont_exist'];
    }else{
        $time_ = time();
        $seccode = md5($time_);
        $sql = "UPDATE hs_member SET m_seccode='$seccode' WHERE m_email LIKE '$email'";
        $result = $db->query($sql);
        
        if($result){
            $file = APPPATH.'/mail/member_forget_pass.txt';
            $handle = fopen($file,'r');
            //$body = fgets($handle);
            $body = '';
            if ($handle) {
                while (!feof($handle)) {
                    $file_ = fgets($handle, 4096);
                    $body .= $file_."<br>";
                }
                fclose($handle);
            }
            
            $sec = md5($q_email->m_id);
            
            $mail = new PHPMailer();
            $mail->IsMail();
            $mail->CharSet="utf-8";
            $mail->IsHTML(true);
            $mail->From = MAIN_EMAIL;
            
            $body = str_replace('{NAME}',$q_email->m_name,$body);
            $body = str_replace('{LASTNAME}',$q_email->m_lastname,$body);
            $body = str_replace('{SITENAME}',SITENAME,$body);
            $body = str_replace('{LINK}',URL."/member_forget_pass.php?code=$seccode&sec=$sec",$body);
            
            $mail->FromName = FORGET_PASS_TITLE;
            $mail->AddReplyTo(MAIN_EMAIL, FORGET_PASS_TITLE);
            $mail->AddAddress($q_email->m_email);
            $mail->Subject = FORGET_PASS_TITLE;
            $mail->Body = $body;
            $mail->Send();
            
            echo 'success';
        }else{
            echo $status_msg['cant_add'];
        }
    }
?>